Cyber Security Specialist (Mid‑Level)

About the role

We are looking for a mid‑level Cyber Security Specialist to join Avvale’s Security team. Reporting to the Security Manager, you will help govern the company’s defence infrastructure and ensure compliance with key data‑protection regulations.

Key responsibilities

• Monitor and operate core security controls such as XDR/EDR, Email Security Gateway, MDM, DNS Protection and DLP, handling Level‑2 tickets via ITSM platforms.
• Assist the Security Manager in defining, implementing and auditing security policies, standards and procedures aligned with ISO 27001, NIST and GDPR.
• Coordinate day‑to‑day activities with Managed Security Service Providers and internal IT teams, manage escalated alerts and support incident‑response remediation.
• Analyse vulnerability scan results, prioritise risks, track patching and remediation after penetration tests or threat‑hunting exercises.
• Contribute to Governance, Risk & Compliance (GRC) and third‑party risk programmes, reviewing security policies, assessing vendors and monitoring supply‑chain posture.
• Support internal and external audits by preparing required documentation and evidence.
• Drive cybersecurity awareness through training, phishing simulations and participation tracking.

Required profile

• Mid‑level experience in information security or a related field.
• Strong technical foundation with a pragmatic approach to GRC processes.
• Ability to act as a liaison between external security service providers and internal stakeholders.

Required skills

• XDR / EDR platforms
• Email Security Gateway
• Mobile Device Management (MDM)
• DNS Protection
• Data Loss Prevention (DLP)
• ITSM / ticketing systems
• ISO 27001, NIST, GDPR compliance
• Vulnerability Management and patch tracking
• Penetration testing and threat‑hunting concepts
• Incident response coordination
• Security policy and SOP development
• Third‑party risk assessment
• Audit support and documentation
• Cybersecurity awareness training and phishing simulation

What we offer

• Remote work flexibility (up to 5 days/week in Italy, extended remote periods in SEE and Switzerland).
• Annual training budget for certifications, courses and language classes.
• Commitment to gender equality and inclusive workplace.
• Opportunities to work with cutting‑edge security technologies across a global network.